Commit graph

2666 commits

Author SHA1 Message Date
Sunil Dutt
d16531c40c TDLS: Pass peer's Capability and Ext Capability info during sta_add
The contents of the peer's capability and extended capability
information is required for the driver to perform TDLS P-UAPSD and Off
Channel operations. Pass this information to the driver when the peer
station is getting added.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-14 21:02:34 +02:00
Sunil Dutt
ff4178d57c TDLS: Pass peer's HT Capability and QOS information during sta_add
The information of the peer's HT capability and the QOS information is
required for the driver to perform TDLS operations. Pass this
information to the driver when the peer station is getting added.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-14 21:01:50 +02:00
Jouni Malinen
e4dea253b7 nl80211: Add debug prints for STA add/set operations
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-14 21:01:19 +02:00
Jouni Malinen
cd8db7c3ba Synchronize with wireless-testing.git include/uapi/linux/nl80211.h
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-14 21:00:56 +02:00
Jouni Malinen
b4a17a6ea7 WPS: Allow Device Password to be changed from M1 to M2
Registrar is allowed to propose another Device Password ID in M2. Make
Enrollee validate Device Password ID in M2 to check if this happened.
This commit adds support for changing from NFC password token to default
PIN for the case where the AP is the Enrollee and has both the NFC
password token and AP PIN enabled at the same time.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-14 20:41:14 +02:00
Jouni Malinen
38a5ad6728 WPS: Fix wps_reg nfc-pw option
Commit ffdaa05a6b added support for using
NFC password token from an AP. However, it had a bug that prevented the
wpa_supplicant wps_reg command from being used with "nfc-pw" as the PIN
value. Fix string comparison to handle this correctly.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-14 19:44:54 +02:00
Sunil Dutt
7b44ff2c21 TDLS: Tear down peers when disconnecting from the AP
A TDLS Teardown frame with Reason Code 3 (Deauthenticated because
sending STA is leaving (or has left) IBSS or ESS) shall be transmitted
to all TDLS peer STAs (via the AP or via the direct path) prior to
transmitting a Disassociation frame or a Deauthentication frame to the
AP.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-13 01:19:44 +02:00
Jouni Malinen
a5b5e830a0 P2P: Do not use old scan result data for peer discovery
The driver may have cached (e.g., in cfg80211 BSS table) the scan
results for relatively long time. To avoid reporting stale information,
update P2P peers only based on results that have based on frames
received after the last p2p_find operation was started.

This helps especially in detecting when a previously operating GO stops
the group since the BSS entry for that could live for 30 seconds in the
cfg80211 cache. Running p2p_flush followed by p2p_find will now allow
wpa_supplicant to not add a P2P peer entry for that GO if the group had
been terminated just before that p2p_flush command. Previously, that GO
could have been indicated as a newly found device for up to 30 seconds
after it had stopped the group.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-12 19:25:18 +02:00
Jouni Malinen
c5f10e804a Use more accurate timestamps for scan results
For various P2P use cases, it is useful to have more accurate timestamp
for the peer information update. This commit improves scan result
handling by using a single timestamp that is taken immediately after
fetching the results from the driver and then using that value to
calculate the time when the driver last updated the BSS entry. In
addition, more debug information is added for P2P peer updates to be
able to clearly see how old information is being used here.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-12 19:14:32 +02:00
Jouni Malinen
8b2b2a70ef P2P: Postpone P2P-DEVICE-FOUND if config_methods not known
If we discover a P2P peer based on a Beacon frame from the GO role, we
do not get information about the supported configuration methods. This
can result in issues if the P2P managing entity above wpa_supplicant is
not prepared to handling config_methods=0x0. To avoid this, postpone
reporting of the P2P-DEVICE-FOUND event when this happens on one of the
social channels. It would be good to be able to this on all channels,
but that could result in issues of never indicating the event for a peer
that is operating a GO on a channel that requires passive scanning.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-12 18:24:56 +02:00
Jouni Malinen
954ee628ee P2P: Do not allow peer update to clear config_methods
It could be possible for the scan results to include two entries for a
peer, one from the Listen state and the second one from the GO role. The
latter could be based on a Beason frame. If that happens and the entry
from GO is processed last, the P2P peer config_methods value could
potentially get cleared since Beacon frames do not include this
information in either WPS or P2P element. Avoid this by allowing the
config_methods value for P2P peers to be updated only if the new value
is non-zero.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-12 18:14:48 +02:00
Jouni Malinen
bbaaaee171 WPS: Fetch only the carrier record from wpa_supplicant for NFC
Since there could be multiple carrier records, it is cleaner to build
only the WPS carrier record instead of full NFC connection handover
request within wpa_supplicant.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-10 18:19:59 +02:00
Jouni Malinen
6772a90ad0 WPS: Add command for fetching carrier record for NFC handover
Control interface command "NFC_GET_HANDOVER_SEL NDEF WPS-CR" can now be
used to fetch WPS carrier record from hostapd.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-10 17:12:55 +02:00
Johannes Berg
3aea5fbe3b hostapd: Do not change HT40 capability due to OBSS scan
The capability itself isn't really affected by an OBSS
scan, only the HT operation must then be restricted to
20 MHz. Change this, and therefore use the secondary
channel configuration to determine the setting of the
OP_MODE_20MHZ_HT_STA_ASSOCED flag.

This shouldn't really change anything functionally,
it just makes the code a little less confusing and
is also needed to implement more dynamic bandwidth
changes if ever desired.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-02-09 12:16:58 +02:00
Jouni Malinen
9ca8427486 EAP peer: Add Session-Id derivation to more EAP methods
This commit adds Session-Id derivation for EAP-SIM, EAP-AKA, EAP-AKA',
EAP-PSK, and EAP-SAK peer methods.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-09 01:20:45 +02:00
Stevent Li
950c563076 EAP peer: Add Session-Id derivation
This adds a new getSessionId() callback for EAP peer methods to allow
EAP Session-Id to be derived. This commits implements this for EAP-FAST,
EAP-GPSK, EAP-IKEv2, EAP-PEAP, EAP-TLS, and EAP-TTLS.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-09 01:20:38 +02:00
Jouni Malinen
9288e6625b EAP-IKEV2 server: Fix invalid memory freeing operation
wpabuf needs to be freed with wpabuf_free(), not os_free().

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-09 01:20:36 +02:00
Jouni Malinen
62cab3b737 eap_proxy: Add a dummy implementation for compilation testing
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-08 11:54:05 +02:00
Deepthi Gowri
45f4a97a3a eap_proxy: Add mechanism for allowing EAP methods to be offloaded
In addition to the offload mechanism, the Android configuration and
makefiles are extended to allow this to be configured for the build by
dropping in platform specific configuration files and makefile without
having to modify any existing files.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-08 11:54:01 +02:00
Deepthi Gowri
83e7aedf72 Android: Allow setgroups to be overridden from build configuration
ANDROID_SETGROUPS_OVERRIDE macro can now be used to override setgroups()
values based on build configuration.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-08 11:53:58 +02:00
Deepthi Gowri
c002f6405f P2P: Send p2p_stop_find event on failure to start pending p2p_find
When pending p2p_find fails we need to send p2p_stop_find event to
indicate the previous p2p_find command has been processed.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-08 11:37:07 +02:00
Jouni Malinen
78441a48af P2P: Fix GO Probe Response IEs when Wi-Fi Display is enabled
Commit 1a9f6509b3 added support for
fragmenting the P2P IE in Probe Response frames from a GO. However, it
did not take into account the possibility of Wi-Fi Display IE being
included in the same buffer and caused a regression for the cases where
Wi-Fi Display is enabled. Fix this by building the possibly fragmented
P2P IE first and then concatenating the separate IEs together.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-08 00:10:39 +02:00
Vladimir Kondratiev
ff3ad3c531 Capability matching for 60 GHz band
On the DMG (60 GHz) band, capability bits defined differently from
non-DMG ones. Adjust capability matching to cover both cases.

Also, for non-DMG bands, check ESS bit is set.

Signed-off-by: Vladimir Kondratiev <qca_vkondrat@qca.qualcomm.com>
2013-02-07 16:20:18 +02:00
Raja Mani
3140803b6d nl80211: Add ctrl_iface message for AP mode connection rejection
When AP mode operation reject the client, nl80211 layer advertises the
connect failed event with the reason for failures (for example, max
client reached, etc.) using NL80211_CMD_CONN_FAILED.

This patch adds some debug messages whenever such an event is received
from the nl80211 layer and also the same event is posted to the upper
layer via wpa_msg().

Signed-off-by: Raja Mani <rmani@qca.qualcomm.com>
2013-02-07 15:24:53 +02:00
Sunil Dutt
0cb12963b6 TDLS: Fix MIC calculation for teardown frame to depend on reason code
The reason code used for calculating the MIC should correspond to the
reason code with which the teardown frame is sent, as the receiver shall
use the one obtained in the frame for validating the MIC.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-05 13:36:36 +02:00
Sunil Dutt
3887878e53 TDLS: Remove link, if any, on an implicit set up request
If an implicit TDLS set up request is obtained on an existing link or an
to be established link, the previous link was not removed. This commit
disables the existing link on a new set up request. Also,
wpa_tdls_reneg() function was invoking wpa_tdls_start() on an already
existing peer for the case of internal setup, which is incorrect. Thus
the invocation of wpa_tdls_start() is removed in wpa_tdls_reneg() and
also this function is renamed to wps_tdls_remove() as it does not
renegotiation rather shall remove the link (if any) for the case of
external setup.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-05 13:27:56 +02:00
Jouni Malinen
283a26f358 TDLS: Move existing-entry check into wpa_tdls_add_peer()
There is no need to have this check copied to each caller since this
needs to be done for every case when a new peer is being added.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-05 13:16:35 +02:00
Sunil Dutt
cd22fbf85c TDLS: Use existing peer entry if available when processing discovery
Peer entries were getting added on every discover request from the peer,
thus resulting in multiple entries with the same MAC address. Ensures
that a check is done for the presence of the peer entry and reuse the
existing entry instead of adding a new one.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-05 13:10:34 +02:00
Jouni Malinen
2d9ffe1e85 P2P: Fix Action frame processing if Interworking is enabled
GAS server used the same public_action_cb mechanism as P2P to process
Action frames. This ended up overriding P2P processing of Action frames
while running an AP/GO interface with a build that enables Interworking
(e.g., for Hotspot 2.0) and a driver that uses hostapd for AP mode
SME/MLME. Fix this by adding a separate callback registration for the
GAS server. This should really be cleaned up by supporting arbitrary
number of callback handlers, but for now, this addresses the regression
with a minimal change.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-04 15:38:35 +02:00
Mark Kettenis
5f7ae5e61c Add driver for OpenBSD net80211 layer
Very basic support for OpenBSD.  No support for scanning yet, so this needs
ap_scan=0 and expects that the user has configured the interface manually
using ifconfig(8).

Signed-hostap: Mark Kettenis <kettenis@openbsd.org>
2013-02-03 21:16:29 +02:00
Pontus Fuchs
c869536ce9 eloop: Add a timer cancel that returns the remaining time
This new cancel timer will give back the remaining time if it was
pending.

Signed-hostap: Pontus Fuchs <pontus.fuchs@gmail.com>
2013-02-03 17:17:08 +02:00
Jouni Malinen
328bc71776 eloop_win: Update to be closer to the current eloop.c
Some fixes had were made only in eloop.c.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-03 17:14:45 +02:00
Jouni Malinen
5960afcd18 eloop_win: Use struct dl_list for timeouts
This merges commit eaa3f04b97 changes from
eloop.c into eloop_win.c.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-03 17:14:45 +02:00
Jouni Malinen
fc9d96a78a eloop_none: Update sample to be closer to the current eloop.c
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-03 17:14:45 +02:00
Jouni Malinen
5617809c93 eloop_none: Use struct dl_list for timeouts
This merges commit eaa3f04b97 changes from
eloop.c into eloop_none.c.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-03 17:07:02 +02:00
Jouni Malinen
5255c9ea0d eloop_none: Fix compilation
eloop.h API had been changed without updating eloop_none.c to match.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-03 16:30:33 +02:00
Jouni Malinen
3e72dace29 Fix compilation with PMKSA caching support disabled
Commit 6aaac006af modified the
pmksa_cache_init() prototype, but forgot to update the empty wrapper
function which is used when PMKSA caching is not included in the build.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-03 16:23:13 +02:00
Jouni Malinen
9ebce9c546 nl80211: Do not use void pointer for driver_ops used internally
This allows some more pointer type validation at compile time.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-03 15:46:47 +02:00
Ben Greear
085b29f1fe hostapd: Fix crash when scan fails
When scan failed, the wpa_driver_nl80211_scan method tried
to recursively call itself, but it passed in the wrong argument
for the void*, and so then it crashed accessing bad memory.

With this fix, hostapd still will not retry the scan later, but
at least it will exit cleanly and won't polute the file system
with core files.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2013-02-03 13:51:54 +02:00
Pavan Kumar
a16ed53a06 P2P: Send P2P-FIND-STOPPED event in the new continue-search states
The P2P-FIND-STOPPED event was sent only in the P2P_SEARCH state, but
this needs to be send also in the new continue-search-when-ready states
P2P_CONTINUE_SEARCH_WHEN_READY and P2P_SEARCH_WHEN_READY for consistent
behavior.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-01-15 11:52:20 +02:00
Jouni Malinen
62769a88db Move cipher to enum wpa_cipher conversion into wpa_common.c
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-13 18:02:20 +02:00
Jouni Malinen
cf830c1c54 Use a helper function for selection group cipher for AP mode
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-13 17:41:40 +02:00
Jouni Malinen
0282a8c46a Use helper function for writing cipher suite names
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-13 17:31:36 +02:00
Jouni Malinen
031453265f Define allowed pairwise/group cipher suites in a header file
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-13 17:10:38 +02:00
Jouni Malinen
a39c78be41 Use a common function for parsing cipher suites
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-13 17:06:22 +02:00
Jouni Malinen
edbd2a191e Move cipher suite selection into common helper functions
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-13 16:58:54 +02:00
Paul Stewart
93c7e332c2 wpa_supplicant: Add more DBus EAP status
Signal the start of EAP authentication as well as when additional
credentials are required to complete.

Signed-hostap: Paul Stewart <pstew@chromium.org>
2013-01-12 19:51:18 +02:00
Jouni Malinen
8b706a99b8 nl80211: Add MFP information for NL80211_CMD_CONNECT
This was previously included only with NL80211_CMD_ASSOCIATE, but the
information is as useful (if not even more useful) for
NL80211_CMD_CONNECT. It should be noted that cfg80211 does not yet use
this attribute with NL80211_CMD_CONNECT, but that can be added easily.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-01-12 17:51:54 +02:00
Sunil Dutt
624b4d5a64 P2P: Use the same Dialog Token value for every GO Negotiation retry
Each GO Negotiation Request is (re)tried with an unique dialog token and
a GO Negotiation Response / Confirmation from the peer with a mismatched
dialog token is ignored which could result in a failure in this group
formation attempt. Thus, the P2P device would continue retrying the GO
Negotiation Request frames till the GO Negotiation Response frame with a
matching dialog token is received. To avoid the failures due to the
dialog token mismatch in retry cases if the peer is too slow to reply
within the timeout, the same dialog token value is used for every retry
in the same group formation handshake.

It should be noted that this can result in different contents of the GO
Negotiation Request frame being sent with the same dialog token value
since the tie breaker bit in GO Intent is still toggled for each
attempt. The specification is not very clear on what would be the
correct behavior here. Tie breaker bit is not updated on
"retransmissions", but that is more likely referring to the layer 2
retransmission and not the retry at higher layer using a new MMPDU.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-01-12 17:51:54 +02:00
Jouni Malinen
0ef29e0c0b SAE: Move temporary data into a separate data structure
This allows even more memory to be freed when the SAE instance enters
Accepted state. This leaves only the minimal needed memory allocated
during the association which is especially helpful for the AP
implementation where multiple stations may be associated concurrently.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:54 +02:00